| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "extensions/browser/computed_hashes.h" |
| #include "base/base64.h" |
| #include "base/files/file_path.h" |
| #include "base/files/scoped_temp_dir.h" |
| #include "base/strings/stringprintf.h" |
| #include "build/build_config.h" |
| #include "crypto/sha2.h" |
| #include "extensions/common/constants.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| |
| namespace { |
| |
| // Whether or not dot and space suffixes of filename are ignored in the |
| // current OS. |
| const bool kDotSpaceSuffixIgnored = |
| #if defined(OS_WIN) |
| true; |
| #else |
| false; |
| #endif // defined(OS_WIN) |
| |
| // Helper to return base64 encode result by value. |
| std::string Base64Encode(const std::string& data) { |
| std::string result; |
| base::Base64Encode(data, &result); |
| return result; |
| } |
| |
| struct HashInfo { |
| base::FilePath path; |
| int block_size; |
| std::vector<std::string> hashes; |
| }; |
| |
| testing::AssertionResult WriteThenReadComputedHashes( |
| const std::vector<HashInfo>& hash_infos, |
| extensions::ComputedHashes* result) { |
| base::ScopedTempDir scoped_dir; |
| if (!scoped_dir.CreateUniqueTempDir()) |
| return testing::AssertionFailure() << "Failed to create temp dir."; |
| |
| base::FilePath computed_hashes_path = |
| scoped_dir.GetPath().AppendASCII("computed_hashes.json"); |
| extensions::ComputedHashes::Data computed_hashes_data; |
| for (const auto& info : hash_infos) { |
| computed_hashes_data[info.path] = |
| extensions::ComputedHashes::HashInfo(info.block_size, info.hashes); |
| } |
| |
| if (!extensions::ComputedHashes(std::move(computed_hashes_data)) |
| .WriteToFile(computed_hashes_path)) { |
| return testing::AssertionFailure() |
| << "Failed to write computed_hashes.json"; |
| } |
| base::Optional<extensions::ComputedHashes> computed_hashes = |
| extensions::ComputedHashes::CreateFromFile(computed_hashes_path); |
| if (!computed_hashes) |
| return testing::AssertionFailure() << "Failed to read computed_hashes.json"; |
| *result = std::move(computed_hashes.value()); |
| |
| return testing::AssertionSuccess(); |
| } |
| |
| } // namespace |
| |
| namespace extensions { |
| |
| TEST(ComputedHashesTest, ComputedHashes) { |
| // We'll add hashes for 2 files, one of which uses a subdirectory |
| // path. The first file will have a list of 1 block hash, and the |
| // second file will have 2 block hashes. |
| base::FilePath path1(FILE_PATH_LITERAL("foo.txt")); |
| base::FilePath path2 = |
| base::FilePath(FILE_PATH_LITERAL("foo")).AppendASCII("bar.txt"); |
| std::vector<std::string> hashes1 = {crypto::SHA256HashString("first")}; |
| std::vector<std::string> hashes2 = {crypto::SHA256HashString("second"), |
| crypto::SHA256HashString("third")}; |
| const int kBlockSize1 = 4096; |
| const int kBlockSize2 = 2048; |
| |
| ComputedHashes computed_hashes{ComputedHashes::Data()}; |
| ASSERT_TRUE(WriteThenReadComputedHashes( |
| {{path1, kBlockSize1, hashes1}, {path2, kBlockSize2, hashes2}}, |
| &computed_hashes)); |
| |
| // After reading hashes back assert that we got what we wrote. |
| std::vector<std::string> read_hashes1; |
| std::vector<std::string> read_hashes2; |
| |
| int block_size = 0; |
| EXPECT_TRUE(computed_hashes.GetHashes(path1, &block_size, &read_hashes1)); |
| EXPECT_EQ(block_size, 4096); |
| block_size = 0; |
| EXPECT_TRUE(computed_hashes.GetHashes(path2, &block_size, &read_hashes2)); |
| EXPECT_EQ(block_size, 2048); |
| |
| EXPECT_EQ(hashes1, read_hashes1); |
| EXPECT_EQ(hashes2, read_hashes2); |
| |
| // Make sure we can lookup hashes for a file using incorrect case |
| base::FilePath path1_badcase(FILE_PATH_LITERAL("FoO.txt")); |
| std::vector<std::string> read_hashes1_badcase; |
| EXPECT_TRUE(computed_hashes.GetHashes(path1_badcase, &block_size, |
| &read_hashes1_badcase)); |
| EXPECT_EQ(block_size, 4096); |
| EXPECT_EQ(hashes1, read_hashes1_badcase); |
| |
| // Finally make sure that we can retrieve the hashes for the subdir |
| // path even when that path contains forward slashes (on windows). |
| base::FilePath path2_fwd_slashes = |
| base::FilePath::FromUTF8Unsafe("foo/bar.txt"); |
| block_size = 0; |
| EXPECT_TRUE( |
| computed_hashes.GetHashes(path2_fwd_slashes, &block_size, &read_hashes2)); |
| EXPECT_EQ(hashes2, read_hashes2); |
| } |
| |
| // Note: the expected hashes used in this test were generated using linux |
| // command line tools. E.g., from a bash prompt: |
| // $ printf "hello world" | openssl dgst -sha256 -binary | base64 |
| // |
| // The file with multiple-blocks expectations were generated by doing: |
| // $ for i in `seq 500 ; do printf "hello world" ; done > hello.txt |
| // $ dd if=hello.txt bs=4096 count=1 | openssl dgst -sha256 -binary | base64 |
| // $ dd if=hello.txt skip=1 bs=4096 count=1 | |
| // openssl dgst -sha256 -binary | base64 |
| TEST(ComputedHashesTest, GetHashesForContent) { |
| const int block_size = 4096; |
| |
| // Simple short input. |
| std::string content1 = "hello world"; |
| std::string content1_expected_hash = |
| "uU0nuZNNPgilLlLX2n2r+sSE7+N6U4DukIj3rOLvzek="; |
| std::vector<std::string> hashes1 = |
| ComputedHashes::GetHashesForContent(content1, block_size); |
| ASSERT_EQ(1u, hashes1.size()); |
| EXPECT_EQ(content1_expected_hash, Base64Encode(hashes1[0])); |
| |
| // Multiple blocks input. |
| std::string content2; |
| for (int i = 0; i < 500; i++) |
| content2 += "hello world"; |
| const char* content2_expected_hashes[] = { |
| "bvtt5hXo8xvHrlzGAhhoqPL/r+4zJXHx+6wAvkv15V8=", |
| "lTD45F7P6I/HOdi8u7FLRA4qzAYL+7xSNVeusG6MJI0="}; |
| std::vector<std::string> hashes2 = |
| ComputedHashes::GetHashesForContent(content2, block_size); |
| ASSERT_EQ(2u, hashes2.size()); |
| EXPECT_EQ(content2_expected_hashes[0], Base64Encode(hashes2[0])); |
| EXPECT_EQ(content2_expected_hashes[1], Base64Encode(hashes2[1])); |
| |
| // Now an empty input. |
| std::string content3; |
| std::vector<std::string> hashes3 = |
| ComputedHashes::GetHashesForContent(content3, block_size); |
| ASSERT_EQ(1u, hashes3.size()); |
| ASSERT_EQ(std::string("47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="), |
| Base64Encode(hashes3[0])); |
| } |
| |
| // Tests that dot/space path suffixes are treated correctly in |
| // ComputedHashes::InitFromFile. |
| // |
| // Regression test for https://crbug.com/696208. |
| TEST(ComputedHashesTest, DotSpaceSuffix) { |
| const std::string hash_value = crypto::SHA256HashString("test"); |
| ComputedHashes computed_hashes{ComputedHashes::Data()}; |
| // Add hashes for "foo.html" to computed_hashes.json. |
| ASSERT_TRUE(WriteThenReadComputedHashes( |
| { |
| {base::FilePath(FILE_PATH_LITERAL("foo.html")), |
| extension_misc::kContentVerificationDefaultBlockSize, |
| {hash_value}}, |
| }, |
| &computed_hashes)); |
| std::vector<std::string> read_hashes; |
| |
| struct TestCase { |
| const char* path; |
| bool expect_hash; |
| |
| std::string ToString() const { |
| return base::StringPrintf("path = %s, expect_hash = %d", path, |
| expect_hash); |
| } |
| } test_cases[] = { |
| // Sanity check: existing file. |
| {"foo.html", true}, |
| // Sanity check: non existent file. |
| {"notfound.html", false}, |
| // Path with "." suffix, along with incorrect case for the same. |
| {"foo.html.", kDotSpaceSuffixIgnored}, |
| {"fOo.html.", kDotSpaceSuffixIgnored}, |
| // Path with " " suffix, along with incorrect case for the same. |
| {"foo.html ", kDotSpaceSuffixIgnored}, |
| {"fOo.html ", kDotSpaceSuffixIgnored}, |
| // Path with ". " suffix, along with incorrect case for the same. |
| {"foo.html. ", kDotSpaceSuffixIgnored}, |
| {"fOo.html. ", kDotSpaceSuffixIgnored}, |
| // Path with " ." suffix, along with incorrect case for the same. |
| {"foo.html .", kDotSpaceSuffixIgnored}, |
| {"fOo.html .", kDotSpaceSuffixIgnored}, |
| }; |
| |
| for (const auto& test_case : test_cases) { |
| SCOPED_TRACE(test_case.ToString()); |
| int block_size = 0; |
| std::vector<std::string> read_hashes; |
| EXPECT_EQ( |
| test_case.expect_hash, |
| computed_hashes.GetHashes(base::FilePath().AppendASCII(test_case.path), |
| &block_size, &read_hashes)); |
| |
| if (test_case.expect_hash) { |
| EXPECT_EQ(block_size, |
| extension_misc::kContentVerificationDefaultBlockSize); |
| ASSERT_EQ(1u, read_hashes.size()); |
| EXPECT_EQ(hash_value, read_hashes[0]); |
| } |
| } |
| } |
| |
| } // namespace extensions |